Lucene search

K
cve[email protected]CVE-2015-4486
HistoryAug 16, 2015 - 1:59 a.m.

CVE-2015-4486

2015-08-1601:59:14
CWE-119
web.nvd.nist.gov
60
cve-2015-4486
mozilla firefox
firefox esr
libvpx
remote code execution
denial of service
out-of-bounds read
nvd

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.0%

The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.

Affected configurations

NVD
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch15.04
OR
opensuseopensuseMatch13.1
OR
opensuseopensuseMatch13.2
Node
mozillafirefoxRange39.0.3
OR
mozillafirefox_esrMatch38.0
OR
mozillafirefox_esrMatch38.0.1
OR
mozillafirefox_esrMatch38.0.5
OR
mozillafirefox_esrMatch38.1.0
Node
oraclesolarisMatch11.3

References

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.0%